– Written by Paolo di Fresco.

The dizzying evolution of mass communications, with the technological innovations of the last twenty years, has inevitably impacted the criminal trial: on the one hand, it greatly expanded the freedom of action for investigators (who need only seize a smartphone to gain detailed knowledge of a suspect’s social relationships); on the other hand, it has fueled a certain hunger for knowledge among judges, inclined to bend the rules regarding evidence in order to establish the facts.

Relationship between computer data and documentary evidence

For several years, case law has considered that emails, WhatsApp messages, SMS, and, more generally, all communications stored in the memory of an electronic device constitute documents in every respect. As such, they can be reproduced through photography, cinematography, phonography, or any other means. Therefore, it would not be necessary to apply the rules regarding:

  • seizure of correspondence (art. 254 c.p.p.), which involves “an ongoing or already initiated activity of sending by the sender through delivery to a third party for delivery[1];
  • Computer or telematic interceptions (Article 266-bis c.p.p. ), which regulate the “interception of an ongoing flow of communications, where the data present in the memory of the phone acquired ex post constitutes mere documentation of said flows[2].

This interpretative approach, however, relies on an equivalence between computer data and tout court documentary evidence in general, which tends to oversimplify the notion of a document, disregarding the way information is incorporated into the material support.[3].

Unlike documentary evidence (Article 234 c.p.p.), in fact, computer data is inherently immaterial. The information does not merge with the physical support, as is the case with a letter where the representative element incorporates into the paper through writing, but it can be transferred from one device to another (smartphone or server provider) countless times.

This ease of transmission of computer data increases the risk of potential alterations. Thus, technical skills are not required to modify messages, send false ones, or manipulate digital images reproducing a conversation stored on a smartphone.

The theme of the authenticity of digital materials

Guaranteeing the authenticity of digital data inspired the law dated March 18th, 2008, no. 48 (ratification and implementation of the Council of Europe Convention on Cybercrime)[4], which updated the provisions regarding the search for evidence, expanding its scope to include computer and telematic systems. It emphasized the necessity of adopting “technical measures aimed at ensuring the preservation of original data and preventing its alteration”.

Leveraging these new operational rules and the new formulation of Article 254 c.p.p. (which includes “letters, packages, parcels, valuables, and other objects of correspondence, even if transmitted electronically”), some scholars have suggested applying the rules of the seizure of correspondence (Article 254 c.p.p.) to new technological means as well.[5].

This way, email, SMS, and WhatsApp messages would be covered by the principle of secrecy of correspondence established by Article 15 of the Constitution. Therefore, their eventual seizure should always be authorized by the judicial authority through a reasoned decree, clarifying the reasons why the action appears indispensable for the continuation of the investigations.

Jurisprudential guidelines in Italy

The case law, which has repeatedly maintained that the law 48/2008, did not introduce probative prohibitions but only an “obligation for the judicial police to respect certain protocols of behavior, without providing any procedural sanction in case of failure to adopt them, and any effect on the reliability of the evidence represented by the carried out investigation would be possibly derived[6].

Furthermore the law has not modified the text of Article 234 c.p.p., thus leaving unchanged the risk „that the generalized attribution of prints or paper supports to the genus ‚document‘ may result in a ploy to evade control over the authenticity of the digital information incorporated therein[7].

Indeed, the absence of procedural sanctions in the event of mishandling of digital evidence on one hand, and the lack of updating the normative framework of Article 234 c.p.p. on the other hand, provide strong arguments to those who consider the screenshot (printed by the judicial police or by the aggrieved party themselves) as documentary evidence in all respects.

This stance implies the risk that, in practice, the use of questionable probative shortcuts may prevail over the correct procedure, according to which the computer equipment (from which the data is extracted) should be subjected to probative constraints to be examined following the rules of non-repeatable technical investigation[8].

A technical investigation would be more effective than simply „capturing“ the screen of an electronic device. This would be in the interest of the public prosecution as a well-structured investigative activity would provide more comprehensive and reliable evidence than a mere screenshot of the electronic device.

It is worth noting how the older jurisprudence conditioned the admissibility of digital evidence to “acquiring the support – telematic or figurative – containing the mentioned recording, with its transcription serving merely as a reproductive function of the content of the primary documentary evidence”.  In this perspective, it appeared necessary to “verify the reliability of the evidence itself through a direct examination of the support in order to ascertain both the authorship of the recordings and the reliability of the documented content[9].

Embracing the fundamental principles of Law 48/2008, which emphasize best practices and competent operators for acquiring computer data, the jurisprudence demonstrated appropriate caution in approaching such data, which is inherently fragile and subject to alteration. Conversely, the courts showed a certain mistrust towards an overly casual use of the principle of the judge’s free conviction, recognizing the potential risks associated with digital evidence.

The current trend in legitimizing digital data

Unfortunately, this commendable stance has gradually given way to the prevailing interpretive approach today, which deems the acquisition of screenshots or other digital data legitimate, regardless of the seizure of the device and the proper extraction through the creation of a forensic copy.

The choice to acquire digital data as if it were documentary evidence allows the introduction of information of dubious origin into the proceedings, which may be challenging for a judging body „lacking normative parameters aimed at regulating the reliability control of digital evidence, and this absence cannot be compensated by criteria of strengthened evaluation of the evidence, elaborated for this purpose by the jurisprudential forge[10].

The judiciary’s favor towards the indiscriminate admission of screenshots or screen captures into the trial seems to reflect a certain impatience towards the limits of usability of the probative material, through which „the system appears to believe that a deficit of knowledge is preferable to a deficit of probative reliability“[11].

This aversion towards formalities and their presumed inefficiency may perhaps be influenced by a collective aspiration for security, to which even judges are not immune, leading to considering the rules of due process as „a subtlety that opposes a real solution to the problem[12].

And it calls into question the role of judges in the legal process or, in legal terminology, their questionable inclination to „arrogate to themselves the right to create the rules that they will later apply in line with the progress of the game, often in a way that accommodates the actions of the investigating authority, following the pattern where ultimately what matters is the result in terms of establishing responsibility[13].

Do not hesitate to contact us for more info.


[1] Court of Cassation, section III, November 252015, no. 928, in CED Court of Cassation , rv. 265991.

[2] Court of Cassation, section  VI, January 17th, 2020, cit. Similarly, Curt of Cassation, section V, June 24th, 2022, cit., according to which “the documentation of communications that took place on a chat extracted through screenshots by one of the participants, although without the authorization of the other users, does not constitute interception under articles 266 and following of the Code of Criminal Procedure. This documentation represents a phonic storage of a historical fact, of which the author or the judicial authority can legitimately dispose for the purpose of evidence in the trial, in accordance with the provision of article 234 of the Code of Criminal Procedure”.

[3] Del Coco, The probative use of WhatsApp data between regulatory gaps and jurisprudential advances, in Criminal Proceedings and Justice, 2018, 537.

[4]For a comprehensive commentary, LUPARIA (edited by), Criminal System and Cybercrime: substantive and procedural aspects in the Implementing Law of the Budapest Convention on cybercrime (law of 18 March 2008, no. 48), Milan, 2009.

[5] Luparia, The ratification of the Council of Europe’s Cybercrime Convention. Procedural profiles , in Criminal Procedural Law, 2008, 721.

[6]  Court of Cassation, section V, May 6th, 2020, no. 13779 in Criminal Trial and Justice, at the address  <http://www.processopenaleegiustizia.it>;  Court of Cassation, section V, May 28th, 2015, no. 33560, in CED  Court of Cassation, rv. 264355;  Court of Cassation, section V, November 16th, 2015, no. 11905, in CED  Court of Cassation, rv. 266476.

[7] Del Coco, The probative use of WhatsApp data between regulatory gaps and jurisprudential advances, cit., 536.

[8]Pittirutti, The procedural use of messages sent through the Telegram application: between probative shortcuts and principles of computer experience, in Internet Law, 2020, 319.

[9] Court of Cassation, section V, October 25th, 2017, sentence no. 49016, in Proc. pen. giust., 2018, 529.

[10] Del Coco, The probative use of WhatsApp data between regulatory gaps and jurisprudential advancements , cit., 537.

[11] Giostra, First lesson on criminal justice, Bari, 2020, 22.

[12] Silva Sanchez, The expansion of criminal law. Aspects of criminal policy in post-industrial societies , Milan, 2004, 42.

[13] Mazza, Critique of atypical evidence in the jurisprudential drift in Defense Law, 2022, 61.